Lucene search
K

16 matches found

The Hacker News
The Hacker News
added 2023/11/16 1:51 p.m.95 views

Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw

A hacking group that leveraged a recently disclosed security flaw in the WinRAR software as a zero-day has now been categorized as an entirely new advanced persistent threat APT. Cybersecurity company NSFOCUS has described DarkCasino as an "economically motivated" actor that first came to light i...

7.8CVSS8.7AI score0.97798EPSS
Exploits49
The Hacker News
The Hacker News
added 2023/01/27 1:50 p.m.47 views

Experts Uncover the Identity of Mastermind Behind Golden Chickens Malware Service

Cybersecurity researchers have discovered the real-world identity of the threat actor behind Golden Chickens malware-as-a-service, who goes by the online persona "badbullzvenom." eSentire's Threat Response Unit TRU, in an exhaustive report published following a 16-month-long investigation, said i...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/12/10 11:46 a.m.55 views

Hack-for-Hire Group Targets Travel and Financial Entities with New Janicab Malware Variant

Travel agencies have emerged as the target of a hack-for-hire group dubbed Evilnum as part of a broader campaign aimed at legal and financial investment institutions in the Middle East and Europe. The attacks, which took place during 2020 and 2021 and likely went as far back as 2015, involved a...

1.2AI score
Exploits0
Securelist
Securelist
added 2022/12/08 10:0 a.m.32 views

DeathStalker targets legal entities with new Janicab variant

Just to clarify, the above subheading isnt a normal quote, but a message that Janicab malware attempted to decode in its newest use of YouTube dead-drop resolvers DDRs. While hunting for less common Deathstalker intrusions that use the Janicab malware family, we identified a new Janicab variant...

0.1AI score
Exploits0
hivepro
hivepro
added 2022/08/02 10:7 a.m.19 views

Vulnerabilities & Threats that Matter 25 – 31st July

Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 462 7 4 52 22 64 For a detailed threat digest, download the pdf file here Summary The Last week of July 2022 witnessed the discovery of 462 vulnerabilities out of which 7...

1.3AI score
Exploits0
hivepro
hivepro
added 2022/07/29 7:27 a.m.24 views

Evilnum strikes commodities and cryptocurrency Forum

Threat Level Actor Report For a detailed advisory, download the pdf file here Summary In recent campaigns, the Evilnum actor group has targeted the Decentralized Finance DeFi sector using Evilnum Malware. The latest iteration of Evilnum backdoor employs a diverse set of ISO, Microsoft Word, and...

1.3AI score
Exploits0
The Hacker News
The Hacker News
added 2022/07/21 12:1 p.m.27 views

Hackers Use Evilnum Malware to Target Cryptocurrency and Commodities Platforms

The advanced persistent threat APT actor tracked as Evilnum is once again exhibiting signs of renewed activity aimed at European financial and investment entities. "Evilnum is a backdoor that can be used for data theft or to load additional payloads," enterprise security firm Proofpoint said in a...

0.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/07/04 10:4 a.m.30 views

A week in security (June 27 – July 3)

Last week on Malwarebytes Labs: Ransomware review: June 2022 AstraLocker 2.0 ransomware isn’t going to give you your files back YTStealer targets YouTube content creators ZuoRAT is a sophisticated malware that mainly targets SOHO routers Amazon Photos vulnerability could have given attackers acce...

0.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/06/30 2:13 p.m.17 views

Immigration organisations targeted by APT group Evilnum

Organisations working in the immigration sector are advised to be on high alert for Advanced Persistent Threat APT attacks. Bleeping Computer reports that European organisations, specifically, are under threat from the Evilnum hacking group. Evilnum, on the APT scene since 2018 at the earliest an...

0.3AI score
Exploits0
ThreatPost
ThreatPost
added 2021/04/05 7:46 p.m.47 views

LinkedIn Spear-Phishing Campaign Targets Job Hunters

A threat group called Golden Chickens is delivering the fileless backdoor moreeggs through a spear-phishing campaign targeting professionals on LinkedIn with fake job offers, according to researchers at eSentire. The phishing emails try to trick a victim into clicking on a malicious .ZIP file by...

7.4AI score
Exploits0References7
ThreatPost
ThreatPost
added 2020/11/03 7:18 p.m.42 views

APT Groups Finding Success with Mix of Old and New Tools

Advanced persistent threat APT groups continue to use the fog of intense geopolitics to supercharge their campaigns, but beyond these themes, actors are developing individual signature tactics for success. That’s according to Kaspersky’s most recent APT trends report for Q3 2020, which found that...

7.1AI score
Exploits0References9
Securelist
Securelist
added 2020/11/03 10:0 a.m.114 views

APT trends report Q3 2020

For more than three years, the Global Research and Analysis Team GReAT at Kaspersky has been publishing quarterly summaries of advanced persistent threat APT activity. The summaries are based on our threat intelligence research and provide a representative snapshot of what we have published and...

7.6CVSS0.5AI score0.74438EPSS
Exploits14
The Hacker News
The Hacker News
added 2020/09/04 12:37 p.m.25 views

Evilnum hackers targeting financial firms with a new Python-based RAT

An adversary known for targeting the fintech sector at least since 2018 has switched up its tactics to include a new Python-based remote access Trojan RAT that can steal passwords, documents, browser cookies, email credentials, and other sensitive information. In an analysis published by Cybereas...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2020/09/04 12:37 p.m.5 views

Evilnum hackers targeting financial firms with a new Python-based RAT

An adversary known for targeting the fintech sector at least since 2018 has switched up its tactics to include a new Python-based remote access Trojan RAT that can steal passwords, documents, browser cookies, email credentials, and other sensitive information. In an analysis published by Cybereas...

5.7AI score
Exploits0
ThreatPost
ThreatPost
added 2020/09/03 3:28 p.m.20 views

Python-based Spy RAT Emerges to Target FinTech

The Evilnum group, which specializes in targeting financial technology companies, has debuted a new tool: A Python-based remote access trojan RAT, dubbed PyVil. The malware’s emergence dovetails with a change in the chain of infection and an expansion of infrastructure for the APT. According to...

7.1AI score
Exploits0References10
ThreatPost
ThreatPost
added 2019/03/19 10:7 p.m.96 views

Cardinal RAT Resurrected to Target FinTech Firms

A malware family called Cardinal RAT has reappeared, after two years of silence, in a series of attacks that have been targeting Israel-based financial technology firms. After Cardinal RAT was first detected in 2017, the malware disappeared for two years. But now, in this latest campaign,...

0.2AI score
Exploits0References3
Rows per page
Query Builder